#!/usr/bin/env bash

# ----------------------------------------------------------------------
# Filename	:  ulimited
# Version	:  1.0
# Date		:  2022/02/15
# Author	:  Lz
# Email		:  liuzuo@kylinos.com.cn 
# History	:     
#            	   Version 1.0, 2022/02/15
# Function	:  系统关键资源设置限制
# Out		:        
#              0 => TPASS
#              1 => TFAIL
#              other=> TCONF
# ----------------------------------------------------------------------

# 测试主题
Title_Env_LTFLIB="安全加固(配置类) - 系统关键资源设置限制"


## TODO : 个性化,初始化
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
TestInit_LTFLIB(){
	# 判断是否存在变量
	if [ "Z${Ulimit_Stack_Config_SSRFlag}" == "Z" ];then
		OutputRet_LTFLIB "${ERROR}"	
		TestRetParse_LTFLIB "未定义变量 Ulimit_Stack_Config_SSRFlag"
	fi
	if [ "Z${Ulimit_Ssr_Config_SSRFlag}" == "Z" ];then
		OutputRet_LTFLIB "${ERROR}"	
		TestRetParse_LTFLIB "未定义变量 Ulimit_Ssr_Config_SSRFlag"
	fi

        # 判断变量是否为数字
        if [ "${Ulimit_Stack_Config_SSRFlag}" -ge 0 ];then
                true
        else
                OutputRet_LTFLIB "${ERROR}"
                TestRetParse_LTFLIB "Ulimit_Stack_Config_SSRFlag 非法值: ${Ulimit_Stack_Config_SSRFlag}"
        fi
        if [ "${Ulimit_Ssr_Config_SSRFlag}" -ge 0 ];then
                true
        else
                OutputRet_LTFLIB "${ERROR}"
                TestRetParse_LTFLIB "Ulimit_Ssr_Config_SSRFlag 非法值: ${Ulimit_Ssr_Config_SSRFlag}"
        fi

        return $TPASS
}


## TODO : 清理函数
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
TestClean_LTFLIB(){
        return $TPASS
}


## TODO : 测试用例集
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
Testsuite_LTFLIB(){
        testcase_1
        testcase_2
        testcase_3
        testcase_4

        return $TPASS
}


## TODO : 最大栈空间大小，文件内容判断
#
testcase_1(){
	local flag_str="* +soft +stack"

	# 错误选项
        local false_str="${flag_str}"
	# 正确选项
       	local true_str="${flag_str} +${Ulimit_Stack_Config_SSRFlag}"
	
	# 查看文件中配置
	local file_conf="/etc/security/limits.d/90-ssr-config.conf"
	local cmd="sudo cat ${file_conf}"
	eval ${cmd} | grep -E  "$flag_str"

	# 判断是否与需求相符
	eval ${cmd} | grep -v "^#" | grep -Eq "${true_str}"
	CommRetParse_LTFLIB "${cmd}查询,要求${true_str}" "False"

	# 判断是否重复
	local str_nums=$(eval ${cmd} | grep -v "^#" | grep -E "${true_str}" | wc -l)
	if [ "${str_nums}" -gt "1" ];then
		OutputRet_LTFLIB "${TFAIL}"	
		CommRetParse_LTFLIB "${cmd}查询,'${true_str}'重复" "False"
	fi

	# 判断是否存在其他值
	eval ${cmd} | grep -v "^#" | grep -Ev "${true_str}" | grep -E "${false_str}"
	CommRetParse_LTFLIB "${cmd}查询,不存在'${true_str}'以外的值" "False" "yes"
}


## TODO : 最大栈空间大小，命令查看
#
testcase_2(){
	local cmd="ulimit -s"

	eval ${cmd}
	eval ${cmd} | grep -q "${Ulimit_Stack_Config_SSRFlag}"	
	CommRetParse_LTFLIB "${cmd}查询,要求值为${Ulimit_Stack_Config_SSRFlag}" "False"
}


## TODO ：最大持久设置大小
#
testcase_3(){
	local flag_str="* +hard +rss"

	# 错误选项
        local false_str="${flag_str}"
	# 正确选项
       	local true_str="${flag_str} +${Ulimit_Ssr_Config_SSRFlag}"
	
	# 查看文件中配置
	local file_conf="/etc/security/limits.d/90-ssr-config.conf"
	local cmd="sudo cat ${file_conf}"
	eval ${cmd} | grep -E "$flag_str"

	# 判断是否与需求相符
	eval ${cmd} | grep -v "^#" | grep -Eq "${true_str}"
	CommRetParse_LTFLIB "${cmd}查询,要求${true_str}" "False"

	# 判断是否重复
	local str_nums=$(eval ${cmd} | grep -v "^#" | grep -E "${true_str}" | wc -l)
	if [ "${str_nums}" -gt "1" ];then
		OutputRet_LTFLIB "${TFAIL}"	
		CommRetParse_LTFLIB "${cmd}查询,'${true_str}'重复" "False"
	fi
	
	# 判断是否存在其他值
	eval ${cmd} | grep -v "^#" | grep -Ev "${true_str}" | grep -E "${false_str}"
	CommRetParse_LTFLIB "${cmd}查询,不存在'${true_str}'以外的值" "False" "yes"
}


## TODO : 最大持久设置大小，命令查看
#
testcase_4(){
	local cmd="ulimit -m"

	eval ${cmd}
	eval ${cmd} | grep -q "${Ulimit_Ssr_Config_SSRFlag}"	
	CommRetParse_LTFLIB "${cmd}查询,要求值为${Ulimit_Ssr_Config_SSRFlag}" "False"
}


#----------------------------------------------#

source "${LIB_LTFLIB}"
Main_LTFLIB $@
